嗨,我想知道是否有人可以提供帮助。我从我的主机公司收到一封电子邮件,说我的服务器有一些奇怪的流量。快速查看日志文件显示了下面的示例日志。日志文件中有数千封电子邮件。
有人可以建议我如何阻止所有从我的 Linux 服务器发送的电子邮件。如果有帮助,我使用的是 Ubuntu 12.03 LTS。
Jan 31 09:52:30 myserver postfix/smtp[55852]: 03EC14869A: to=<QAnne-Pascale.Targe@ciera.ulaval.ca>, relay=exch-spam02.ulaval.ca[132.203.244.24]:25, delay=229193, delays=229193/0.17/0.47/0, dsn=4.0.0, status=deferred (host exch-spam02.ulaval.ca[132.203.244.24] refused to talk to me: 554-exch-spam02.ulaval.ca 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.)
Jan 31 09:52:30 myserver postfix/smtp[55870]: connect to cluster8.us.messagelabs.com[216.82.241.132]:25: Connection refused
Jan 31 09:52:30 myserver postfix/smtp[55849]: 5049348710: to=<Qst-onge.mathieu.3@courrier.uqam.ca>, relay=mail3.uqam.ca[132.208.246.162]:25, delay=229188, delays=229187/0.15/0.52/0, dsn=4.0.0, status=deferred (host mail3.uqam.ca[132.208.246.162] refused to talk to me: 554-data.crochet.telecom.uqam.ca 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.)
Jan 31 09:52:30 myserver postfix/smtp[55870]: connect to cluster8a.us.messagelabs.com[85.158.139.103]:25: Connection refused
Jan 31 09:52:30 myserver postfix/smtp[55861]: 3437C4876E: to=<racicot.yves@uqam.ca>, relay=mail3.uqam.ca[132.208.246.162]:25, delay=229181, delays=229180/0.2/0.45/0, dsn=4.0.0, status=deferred (host mail3.uqam.ca[132.208.246.162] refused to talk to me: 554-data.crochet.telecom.uqam.ca 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.)
Jan 31 09:52:30 myserver postfix/smtp[55846]: 8503348BF7: to=<tremblayjg@csc-scc.gc.ca>, relay=mail2.csc-scc.gc.ca[198.103.56.136]:25, delay=228588, delays=228587/0.12/0.68/0, dsn=4.0.0, status=deferred (host mail2.csc-scc.gc.ca[198.103.56.136] refused to talk to me: 554-mxlaval.csc-scc.gc.ca 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.)
Jan 31 09:52:30 myserver postfix/smtp[55870]: connect to cluster8a.us.messagelabs.com[216.82.251.230]:25: Connection refused
Jan 31 09:52:30 myserver postfix/smtp[55865]: A5E364984A: to=<vaillancourt.yves@uqam.ca>, relay=mail2.uqam.ca[132.208.246.165]:25, delay=228559, delays=228558/0.27/0.46/0, dsn=4.0.0, status=deferred (host mail2.uqam.ca[132.208.246.165] refused to talk to me: 554-data.hamecon.telecom.uqam.ca 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.)
Jan 31 09:52:30 myserver postfix/smtp[55870]: F0E6948932: to=<rbrophy@bickertonbrokers.com>, relay=none, delay=229161, delays=229161/0.33/0.4/0, dsn=4.4.1, status=deferred (connect to cluster8a.us.messagelabs.com[216.82.251.230]:25: Connection refused)
Jan 31 09:52:30 myserver postfix/smtp[55843]: A83CA486EF: to=<Qjonathan.durand-folcol.1@ulaval.ca>, relay=exch-spam02.ulaval.ca[132.203.244.24]:25, delay=229191, delays=229190/0.27/0.48/0, dsn=4.0.0, status=deferred (host exch-spam02.ulaval.ca[132.203.244.24] refused to talk to me: 554-exch-spam02.ulaval.ca 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.)
Jan 31 09:52:30 myserver postfix/smtp[55845]: 2E49B4866E: host mx11.exchange.telus.com[205.206.208.34] refused to talk to me: 554-mx21.exchange.telus.com 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.
Jan 31 09:52:30 myserver postfix/smtp[55856]: 12A4A4DF0A: to=<Ipoussons-poussettes@bellnet.ca>, relay=mxmta.bellnet.ca[67.69.240.61]:25, delay=231626, delays=231625/0.17/0.92/0, dsn=4.4.2, status=deferred (lost connection with mxmta.bellnet.ca[67.69.240.61] while receiving the initial server greeting)
Jan 31 09:52:30 myserver postfix/smtp[55845]: 2E49B4866E: host mx12.exchange.telus.com[205.206.208.35] refused to talk to me: 554-mx22.exchange.telus.com 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.
Jan 31 09:52:30 myserver postfix/smtp[55850]: 53A1948A8C: to=<Troy@ExitInTheSoo.com>, relay=presmtp.ex1.secureserver.net[72.167.238.201]:25, delay=228581, delays=228579/0.15/1.2/0, dsn=4.0.0, status=deferred (host presmtp.ex1.secureserver.net[72.167.238.201] refused to talk to me: 554-p3pismtp01-057.prod.phx3.secureserver.net 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.)
Jan 31 09:52:31 myserver postfix/smtp[55844]: 955704945F: to=<tpeddigrew@cogeco.ca>, relay=MX.cogeco.ca[216.221.81.26]:25, delay=228598, delays=228596/0.1/1.4/0, dsn=4.4.2, status=deferred (lost connection with MX.cogeco.ca[216.221.81.26] while receiving the initial server greeting)
Jan 31 09:52:31 myserver postfix/smtp[55845]: 2E49B4866E: host mx13.exchange.telus.com[209.171.64.82] refused to talk to me: 554-mx24.exchange.telus.com 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.
Jan 31 09:52:31 myserver postfix/smtp[55845]: 2E49B4866E: to=<pwong@williamsengineering.com>, relay=mx14.exchange.telus.com[209.171.64.83]:25, delay=229196, delays=229194/0.1/1.6/0, dsn=4.0.0, status=deferred (host mx14.exchange.telus.com[209.171.64.83] refused to talk to me: 554-mx25.exchange.telus.com 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.)
Jan 31 09:52:31 myserver postfix/smtp[55862]: 343EB486F0: to=<Qnicolas_gignac@inrs-ete.uquebec.ca>, relay=none, delay=229190, delays=229188/0.21/1.5/0, dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=inrs-ete.uquebec.ca type=MX: Host not found, try again)
Jan 31 09:52:33 myserver postfix/smtp[55847]: 611C348731: to=<query@coastalwinds.com>, relay=none, delay=229189, delays=229185/0.13/3.3/0, dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=coastalwinds.com type=MX: Host not found, try again)
Jan 31 09:52:33 myserver postfix/smtp[55848]: 6146948685: to=<Qfoisy.catherine.2@courrier.uqam.ca>, relay=mail3.uqam.ca[132.208.246.162]:25, delay=229195, delays=229191/0.14/3.5/0, dsn=4.0.0, status=deferred (host mail3.uqam.ca[132.208.246.162] refused to talk to me: 554-data.crochet.telecom.uqam.ca 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.)
Jan 31 09:52:59 myserver postfix/smtp[55854]: connect to gmail.co[173.194.34.182]:25: Connection timed out
Jan 31 09:52:59 myserver postfix/smtp[55860]: connect to hortmail.com[65.55.39.10]:25: Connection timed out
Jan 31 09:52:59 myserver postfix/smtp[55855]: connect to saskpower.ca[65.39.140.84]:25: Connection timed out
Jan 31 09:52:59 myserver postfix/smtp[55855]: 022C148CCF: to=<rgin@saskpower.ca>, relay=none, delay=229153, delays=229123/0.15/30/0, dsn=4.4.1, status=deferred (connect to saskpower.ca[65.39.140.84]:25: Connection timed out)
Jan 31 09:53:00 myserver postfix/smtp[55866]: connect to remax-lethbridge.com[208.91.196.163]:25: Connection timed out
Jan 31 09:53:00 myserver postfix/smtp[55866]: B370A48B44: to=<remax@remax-lethbridge.com>, relay=none, delay=229168, delays=229137/0.28/30/0, dsn=4.4.1, status=deferred (connect to remax-lethbridge.com[208.91.196.163]:25: Connection timed out)
Jan 31 09:53:29 myserver postfix/smtp[55854]: connect to gmail.co[173.194.34.181]:25: Connection timed out
Jan 31 09:53:29 myserver postfix/smtp[55854]: 056994B723: to=<Wesleyscott99@gmail.co>, relay=none, delay=228541, delays=228481/0.19/60/0, dsn=4.4.1, status=deferred (connect to gmail.co[173.194.34.181]:25: Connection timed out)
Jan 31 09:53:29 myserver postfix/smtp[55860]: connect to hortmail.com[64.4.6.100]:25: Connection timed out
Jan 31 09:53:29 myserver postfix/smtp[55860]: 3F3DE48F58: to=<rmaliaa@hortmail.com>, relay=none, delay=229137, delays=229076/0.19/60/0, dsn=4.4.1, status=deferred (connect to hortmail.com[64.4.6.100]:25: Connection timed out)
postsuper -h ALL将停止从您的服务器传出邮件。去做。马上。是的,它会影响实际的真实邮件。但是您的服务器已经被列入黑名单,因此您的大部分真实邮件无论如何都不会发送。
查看其中一封垃圾邮件的标题。这就是你如何找出它们来自哪里。如果没有看到这些标题,我无法为您提供更多信息。
清除队列中的垃圾邮件。如果您不关心仍在队列中的任何“真实”邮件,则删除整个队列将是最快和最简单的。这是通过postqueue -d ALL. 如果您不想删除整个队列,请使用 打印出队列内容postqueue -p。然后,对于您确实想要发送的每封邮件,查看该邮件的队列 ID 并使用 将其从保留中删除postsuper -H queue_ID。完成此操作后(并复制了一些垃圾邮件的内容以供进一步分析),您可以通过运行清除保留队列中剩余的垃圾邮件postsuper -d ALL hold。
如果有,您需要关闭 postfix。马上。在您弄清楚垃圾邮件的来源并确定您已阻止它之前,请不要重新启动它。在postfix 文档中有关于如何保护 postfix 服务器的信息。如果您已经这样做了,但垃圾邮件仍在通过,则可能是通过某些 Web 服务或其他恶意软件。弄清楚这一点超出了这个问题的范围。
您的邮件服务器已列入黑名单。您需要通过例如 ISP 服务器设置邮件中继,或者您需要摆脱黑名单。http://www.spamhaus.org/ 上有相关信息。
| 归档时间: |
|
| 查看次数: |
611 次 |
| 最近记录: |